/**
 * Created by zhangjing on 2018/3/7.
 */
var urllib=require('url');
var request=require('request');
var logger=require('../common/logger');
var _=require('lodash');

// Exact hostnames the proxy endpoint may fetch from. Matching is by strict
// equality on the parsed hostname, so subdomains and look-alike suffixes of
// these names are not accepted.
var ALLOW_HOSTNAME=[
    'avatars.githubusercontent.com',
    'www.gravatar.com',
    'gravatar.com',
    'www.google-analytics.com'
];

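/**
 * Fetch a remote resource on behalf of the client and stream it back.
 *
 * The target is taken from the `url` query parameter and is only fetched when
 * it is an http(s) URL whose hostname is listed in ALLOW_HOSTNAME. Because this
 * handler makes server-side requests to a client-supplied address, every check
 * below exists to keep the fetch confined to the allowlist (SSRF) and to keep
 * the client's credentials from being relayed to the third-party host.
 *
 * @param {Object} req - Express request; reads `req.query.url` and `req.headers`.
 * @param {Object} res - Express response; receives the upstream status, headers and body.
 * @param {Function} next - Unused; kept for the Express handler signature.
 */
exports.proxy=function (req,res,next) {
    var rawUrl=req.query.url;

    // A repeated or bracketed `url` parameter can arrive as an array or object;
    // only a plain string is a usable target.
    if (typeof rawUrl !== 'string') {
        return res.status(400).type('text/plain').send('url is required');
    }

    var url;
    try {
        // The query parser has normally decoded the value once already; this
        // second decode is kept for callers that encode twice. A malformed
        // escape sequence throws URIError, which is answered with 400.
        url=decodeURIComponent(rawUrl);
    } catch (err) {
        return res.status(400).type('text/plain').send('url is malformed');
    }

    var target=urllib.parse(url);
    var hostname=target.hostname;
    var isHttp=target.protocol === 'http:' || target.protocol === 'https:';

    if (!isHttp || ALLOW_HOSTNAME.indexOf(hostname) === -1) {
        // text/plain so the echoed hostname is never interpreted as HTML, and
        // 403 so clients and logs can tell a refusal from a proxied response.
        return res.status(403).type('text/plain').send(hostname + ' is not allowed');
    }

    request.get({
        url:url,
        // Forward the client's request headers minus anything that carries its
        // identity on this site (cookie, authorization, referer). 'refer' is
        // the original misspelled entry, kept alongside the real header name.
        // 'host' is dropped so the upstream Host is derived from the target URL
        // instead of this server's own name.
        headers: _.omit(req.headers, ['cookie', 'refer', 'referer', 'authorization', 'host']),
        // The allowlist is only checked against the first URL. Redirects are
        // relayed to the client instead of being followed server-side, so an
        // upstream 3xx cannot steer this server to a host outside the list.
        followRedirect: false,
    })
        .on('response',function (response) {
            // A third-party host must not be able to set cookies on this
            // site's origin through the proxy.
            // NOTE(review): `request` may also copy upstream headers itself
            // while piping; deleting the field from the shared headers object
            // is meant to cover that path as well. Confirm against the
            // installed version.
            delete response.headers['set-cookie'];
            res.set(response.headers);
            // Proxied bytes are served from this origin; stop browsers from
            // sniffing them into a more dangerous content type.
            res.set('X-Content-Type-Options', 'nosniff');
        })
        .on('error', function (err) {
            logger.error(err);
            // pipe() does not close the destination on a source error, so the
            // client would otherwise wait on an open response.
            if (res.headersSent) {
                res.end();
            } else {
                res.status(502).type('text/plain').send('upstream request failed');
            }
        })
        .pipe(res);
};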